mirror of
https://github.com/optim-enterprises-bv/homelab.git
synced 2025-10-29 17:12:34 +00:00
feat(ingress): Provision Traefik as an ingress controller
This commit is contained in:
Vegard Hagen
51
README.md
51
README.md
@@ -1,5 +1,17 @@
|
||||
A Terraform script to provision a Kubernetes Cluster with stuff
|
||||
|
||||
|
||||
# MAYBE JUST USE MINIKUBE?
|
||||
|
||||
```
|
||||
minikube start --network-plugin=cni --cni=false
|
||||
```
|
||||
|
||||
Need CNI (Cilium) LoadBalancer (MetaLB) and IngressController (Traefik) I think.
|
||||
https://pgillich.medium.com/setup-on-premise-kubernetes-with-kubeadm-metallb-traefik-and-vagrant-8a9d8d28951a
|
||||
|
||||
Interesting: https://github.com/Mosibi/mosibi-kubernetes
|
||||
|
||||
# Setup cluster with kubeadm
|
||||
|
||||
Disable swap for kubelet to work properly
|
||||
@@ -22,8 +34,11 @@ sudo apt-get install -y containerd conntrack socat kubelet kubeadm kubectl
|
||||
cri-ctl: https://github.com/kubernetes-sigs/cri-tools
|
||||
nerdctl?
|
||||
|
||||
|
||||
We are going to use Cilium kube-proxy
|
||||
```shell
|
||||
sudo kubeadm init
|
||||
sudo kubeadm init --skip-phases=addon/kube-proxy
|
||||
sudo kubeadm init
|
||||
```
|
||||
|
||||
## Set up kubectl
|
||||
@@ -31,8 +46,17 @@ https://kubernetes.io/docs/tasks/tools/
|
||||
|
||||
```shell
|
||||
mkdir -p $HOME/.kube
|
||||
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
|
||||
sudo chown $(id -u):$(id -g) $HOME/.kube/config
|
||||
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config && sudo chown $(id -u):$(id -g) $HOME/.kube/config
|
||||
```
|
||||
|
||||
For remote kubectl
|
||||
```shell
|
||||
scp veh@192.168.1.12:/home/veh/.kube/config ~/.kube/config
|
||||
```
|
||||
|
||||
## (Optional) Remove taint for single node use
|
||||
```shell
|
||||
kubectl taint nodes --all node-role.kubernetes.io/control-plane- node-role.kubernetes.io/master-
|
||||
```
|
||||
|
||||
## Install CNI
|
||||
@@ -40,13 +64,20 @@ We choose Cilium
|
||||
https://docs.cilium.io/en/stable/gettingstarted/k8s-install-helm/
|
||||
|
||||
```shell
|
||||
helm repo add cilium https://helm.cilium.io/
|
||||
helm install cilium cilium/cilium --version 1.11.5 --namespace kube-system
|
||||
cilium install
|
||||
```
|
||||
|
||||
## (Optional) Remove taint for single node use
|
||||
```shell
|
||||
kubectl taint nodes --all node-role.kubernetes.io/control-plane- node-role.kubernetes.io/master-
|
||||
helm repo add cilium https://helm.cilium.io/
|
||||
```
|
||||
|
||||
```shell
|
||||
kubectl -n kube-system get pods --watch
|
||||
```
|
||||
|
||||
### Validate
|
||||
```shell
|
||||
kubectl -n kube-system get pods -l k8s-app=cilium
|
||||
```
|
||||
|
||||
## Deploy using Terraform
|
||||
@@ -58,6 +89,8 @@ terraform apply
|
||||
|
||||
## Cleanup
|
||||
```shell
|
||||
kubectl drain <node name> --delete-emptydir-data --force --ignore-daemonsets
|
||||
kubeadm reset
|
||||
kubectl drain ratatoskr --delete-emptydir-data --force --ignore-daemonsets
|
||||
sudo kubeadm reset
|
||||
sudo iptables -F && sudo iptables -t nat -F && sudo iptables -t mangle -F && sudo iptables -X
|
||||
sudo ipvsadm -C
|
||||
```
|
||||
14
dashboard.yaml
Normal file
14
dashboard.yaml
Normal file
@@ -0,0 +1,14 @@
|
||||
# dashboard.yaml
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: dashboard
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
routes:
|
||||
- match: Host(`traefik.localhost`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))
|
||||
kind: Rule
|
||||
services:
|
||||
- name: api@internal
|
||||
kind: TraefikService
|
||||
46
main.tf
46
main.tf
@@ -4,12 +4,16 @@ terraform {
|
||||
source = "hashicorp/kubernetes"
|
||||
version = ">= 2.0.0"
|
||||
}
|
||||
helm = {
|
||||
source = "hashicorp/helm"
|
||||
version = ">= 2.5.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#provider "kubernetes" {
|
||||
# config_path = "~/.kube/config"
|
||||
#}
|
||||
provider "kubernetes" {
|
||||
config_path = "~/.kube/config"
|
||||
}
|
||||
|
||||
provider "helm" {
|
||||
kubernetes {
|
||||
@@ -24,9 +28,43 @@ resource "helm_release" "cilium" {
|
||||
chart = "cilium"
|
||||
namespace = "kube-system"
|
||||
version = "1.11.5"
|
||||
|
||||
}
|
||||
|
||||
#resource "kubernetes_namespace" "traefik" {
|
||||
# metadata {
|
||||
# name = "traefik"
|
||||
# }
|
||||
#}
|
||||
|
||||
#resource "helm_release" "traefik" {
|
||||
# name = "traefik"
|
||||
#
|
||||
# repository = "https://helm.traefik.io/traefik"
|
||||
# chart = "traefik"
|
||||
# namespace = "traefik"
|
||||
# version = "10.20.0"
|
||||
#}
|
||||
|
||||
#resource "kubernetes_service" "traefik" {
|
||||
# metadata {
|
||||
# name = "traefik"
|
||||
# namespace = kubernetes_namespace.traefik.metadata.0.name
|
||||
# }
|
||||
# spec {
|
||||
# selector = {
|
||||
# app = helm_release.traefik.manifest
|
||||
# #app = kubernetes_deployment.test.spec.0.template.0.metadata.0.labels.app
|
||||
# }
|
||||
#
|
||||
# type = "NodePort"
|
||||
# port {
|
||||
# node_port = 9001
|
||||
# port = 9000
|
||||
# target_port = 9000
|
||||
# }
|
||||
# }
|
||||
#}
|
||||
|
||||
#resource "kubernetes_namespace" "test" {
|
||||
# metadata {
|
||||
# name = "nginx"
|
||||
|
||||
Reference in New Issue
Block a user